Job Description

• Design, build and manage a Security Operations Center (SOC), implementing SIEM and related technology solutions for security event monitoring, security incident management and emergency response in a multi-tenant environment.
• Design SOC services (threat monitoring, threat intelligence, vulnerability management, forensics, emergency response, etc.) and develop a service catalogue to support service delivery.
• Perform threat modeling, identify threat vectors and develop/implement use cases for threat monitoring and management.
• Responsible for integrating standard and non-standard logs into the SIEM, building the parsers needed to onboard relevant assets and entities such as NGFW, IPS/IDS, EDR, MDM, web content filtering solutions, NAC, IDAM, PAM, DLP solutions, cloud security solutions, IoT devices, OT systems, etc.
• Design and contribute to the implementation of a strong log management strategy for the SOC and Operations.
• Build and enable the team for security event/incident identification, risk assessment, quantification, reporting, communication, escalation, monitoring and mitigation.
• Design and develop technical documentation, work instructions and knowledge base articles.
• Ensure SLA compliance, process adherence and process improvement to achieve operational objectives.
• Ensure on-time daily, weekly, monthly and quarterly meetings/reviews with the team and other stakeholders.
• Act as a mentor for the team, providing technical help and periodically planning team training as part of the team's technical skill enhancement program.
• Create reports, dashboards and metrics for SOC operations and present them to management.

Skills

• 5-8 years of IT work experience, with at least 5 years in security operations/security incident management.
• Must have at least 4 years of experience in a SOC or incident response team.
• Must have good experience in managing a SIEM, developing and fine-tuning correlation rules, log analysis, network analysis and pattern/trend analysis.
• Knowledge of security policy and technical standard development, secure infrastructure design reviews, multi-tiered trust zone structures, and complex networking through multi-level network security structures.
• Must have working knowledge of enterprise security technologies such as endpoint protection suites, network firewalls, IPS, gateway antivirus, proxy servers and identity and access management tools, plus knowledge of application security concepts.

Skills/Tools Experience

• Must have hands-on experience with SIEM (QRadar, LogRhythm, SolarWinds, RSA NetWitness, etc.).
• Must have hands-on experience with Palo Alto Next-Gen firewall including web filtering, IPS, gateway AV and DLP; Blue Coat proxy; Cisco IronPort; Nessus vulnerability scanners; IBM Burp Suite; Infoblox DNS Security; F5 LTM and ASM (WAF); Trend Micro; Kaspersky; CrowdStrike.
• Experience with CSIRP/incident management.
• Report analysis and preparation.

Academic Qualifications & Certifications

• Bachelor's degree in Engineering (BTech/BE), MTech or MSc in an IT-related field.
• Desirable but not mandatory: CCNA, CEH, Certified Security Operation Center Analyst (CSOPA), CompTIA Cybersecurity Analyst (CySA+), CISSP.

Job Details
https://www.bayt.com/ar/qatar/jobs/sr-csoc-consultant-analyst-4402037/